Skip to content

Senior Cyber Risk Analyst

General information


Lowell - Massachusetts - USA, Weston - Florida - USA


Governance, Risk & Compliance

Ref #:


Description & Requirements


This position works as part of the Governance, Risk and Compliance department, which is responsible for management of cyber risk across the enterprise. The role offers the opportunity to be engaged in all facets of cyber risk including security, privacy, and risk management, and security and compliance program development.

As a member of the department, the individual will be committed to overall data protection risk management and its role in the company's continued success. The Senior Cyber Risk Analyst is a highly visible role that interfaces with key stakeholders in the organization and may also support UKG customers and Partners. The position demands an organized, action-oriented team player with the ability to prioritize daily work and support multiple initiatives simultaneously; strong communication and customer focus is required.

The new hire will be responsible for participating in maintaining compliance, and/or building and executing a compliance program that is aligned with SOC 1, SOC2, ISO27000 series (27001, 27002, 27017, 27018). This includes but is not limited to the following activities:

• Design and maintain controls.
• Document systems, processes, and controls using narratives.
• Evaluate the design and operating effectiveness of controls to identify and recommend business process changes resulting in strengthened internal controls.
• Coordinate external auditors, prepare controls owners, review, and collect required evidence as needed to meet compliance requirements.
• Collaborate with control owners to remediate control gaps and track the remediation efforts.
• Support the business teams with establishing new procedures/policies and ensure alignment with regulations/standards.
• Drive internal assessment and compliance of our controls with the implementation of control monitoring.
• Function as technical SME during internal and external audits.
• Work closely with internal stakeholders to educate them and achieve compliance over technology control environment.
• Develop, maintain, report on key risk metrics.
• Communicate progress, escalations, and issue resolution to management and team stakeholders.
• Build relationships with a broad range of UKG employees at all levels to accomplish program objectives and further Governance Risk and Compliance goals.


What We Look For In You:

• 3- 5+ years of security/IT compliance or equivalent experience.
• Hands-on experience with auditing security frameworks such as SOC 1, SOC 2, and/or ISO27001.
• BA or BS in a technical field or equivalent experience.
• Ability to accomplish outcomes effectively and autonomously across cross-functional teams in ambiguous situations with minimal supervision.
• Outstanding written and spoken communication skills.
• Ability to multitask, prioritize work and meet deadlines in a fast-paced environment.

Nice to Haves:
• Proven understanding and audit experience of cloud technologies such as AWS, Microsoft Azure, and GCP, (GCP preferred).
• Compliance/Security certifications e.g. CISA, CISSP, CISM, CCSK, CCAK or other relevant certifications.
• Prior experience at a big 4 accounting firm.
• Prior experience in scripting/establishing continuous control monitoring controls is a plus.
• Experience mapping common controls across multiple frameworks.
• Prior experience automating audit evidence collection.

Corporate overview

Here at UKG, Our Purpose Is People. UKG combines the strength and innovation of Ultimate Software and Kronos, uniting two award-winning, employee-centered cultures. Our employees are an extraordinary group of talented, energetic, and innovative people who care about more than just work. We strive to create a culture of belonging and an employee experience that empowers our people. UKG has more than 13,000 employees around the globe and is known for its inclusive workplace culture. Ready to be inspired? Learn more at

EEO Statement

Equal Opportunity Employer

Ultimate Kronos Group is proud to be an equal opportunity employer and is committed to maintaining a diverse and inclusive work environment. All qualified applicants will receive considerations for employment without regard to race, color, religion, sex, age, disability, marital status, familial status, sexual orientation, pregnancy, genetic information, gender identity, gender expression, national origin, ancestry, citizenship status, veteran status, and any other legally protected status under federal, state, or local anti-discrimination laws. 

View The EEO is the Law poster and its supplement. 

View the Pay Transparency Nondiscrimination Provision

UKG participates in E-Verify. View the E-Verify posters here.

Disability Accommodation

For individuals with disabilities that need additional assistance at any point in the application and interview process, please email or please call 1 (978) 250 9800.